Where am I?

This Knowledge base article describes the steps needed to successfully configure Bright OpenStack 7.2 to use the Active Directory/LDAP backendIt is now possible to configure AD/LDAP authentication from cmsh in a very simple way.

The LDAP backend will be used for the user/group identity and the MySQL backend will be used for role assignment.

Remove the SQL backend and add an LDAP backend and configure the LDAP backend to bind to Active Diectory, change the <LDAP URL> to the URL of the Active Directory server, eg. ldap://ad.brightcomputing.com. Then create a service user in Active Directory and set the username and the password:

Configure each service user and password used by the OpenStack component.In this case each service user created in the previous step is used for each OpenStack user.It is a best practice to use a user/password for each service, as is done by default with the SQL backend.Retrieve the username/password pair, and create each user with the associated password in Active Directory.